Skip to content

Security: yoshi2no/storybook

Security

SECURITY.md

Security Policy

Supported Versions

We release patches for fixing security vulnerabilities, primarily focusing on the latest release only.

In the event of a high-risk vulnerability, we may backport the security fixes to the minor versions of the software, starting from the latest minor version up to the latest major release. The decision to backport security fixes to older versions will be made based on a risk assessment and the feasibility of implementing the patch in those versions.

Reporting a Vulnerability

To report a vulnerability, you can reach out to the maintainers directly on Twitter: https://twitter.com/storybookjs

When we fix a security issue, we will post a security advisory on Github/NPM, describe the change in the release notes, and also announce notify the community on our Discord.

There aren’t any published security advisories